Image file names need to be encrypted or randomized
Status:
Archived
Submitted by
HarrisonHall1
on
04-12-2022
12:37 PM
The way canvas handles filenames allows for cheating in exams and quizzes. An uploaded filename is not changed by canvas, and this results in the option for a student to view the file in a separate tab, inspect html, or use a browser extension to view the file name by hovering over it.
If the filename is the answer, such as in an identification quiz, the student can easily cheat without getting caught. To get around this, instructors should rename files before submitting, however this is a glaring problem that could be addressed by canvas via a few easy changes:
- Encrypting filenames. This could even have a key that allows instructors to see the original name, but users could only see the encrypted name.
- Random file name. Upon uploading a file, it could be assigned a random name. There are many algorithms available that could insure that the name is always unique.
- Disable the option for users to inspect or right click during quizzes or exams. This is not foolproof, it can easily be circumvented, but it would require more steps to cheat.
I've reported this problem to Canvas in the past, and it was never addressed. Instructors beware, your students can easily cheat, and canvas could easily patch this problem.
Labels
9 Comments
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.